Peace be upon you, and the mercy and blessings of God.
Honestly, I am struggling with a difficult problem in the Explorer 8 browser,
namely that this message appears on some sites that contain Java,
such as voice chat, text chat and banking sites.
24605149020090627.png



At first I installed this Java,
the MSJavx86 installer,
and it refused to install on my machine.


After that I got Java from this site


and the text chat opened for me,
but the voice chat hangs.
I went into the advanced options and applied what is in the picture, and the problem still persists.

24612190720090627.png



The question here is: how do I solve this problem,
and does Explorer have its own Java?

Note that the hanging happens even with Firefox, and my machine is on Service Pack 3 with 760 MB of RAM.
 


Make a HijackThis report

When the download finishes ==> run the program ==> and click Do a system scan and save log
In a few moments a report will appear; select all ==> copy it and paste it in your next reply


 
Here you go, my friend


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:25:02 م, on 27/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\crypserv.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\AppServ\MySQL\bin\mysqld-nt.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\mFaraj DB viewer4.0.0\dbvstart.bat
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\xp ascs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\xp ascs\سطح المكتب\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 222.88.242.189:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [dbvstart] C:\Program Files\mFaraj DB viewer4.0.0\dbvstart.bat
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\xp ascs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
--
End of file - 13095 bytes​
 
I'm heading out now, brothers.
I hope I find a reply
:)

May God reward you.
 
May God give you strength ...

Do the following in order ...

First, turn off the antivirus you have ...

Then ... download this tool ...


Run it ... a message will appear; click [ Yes ] ...

Another message appears right after it; click [ Yes ] again ...

The tool will start and perform a scan ...

<< During the scan the machine may restart << reboot ...

After the restart ... the tool comes back and completes the scan ...

Wait and do not open any program until the report appears in Notepad ...

With that, the scan and cleaning are finished ...

Copy the report completely ... and correctly ...

and paste it in your next reply ...
 
Signature: MMA_LORD_735
Hello, my friend

This message appears for me
24614047320090628.jpg
 
This is the report

---------------------










ComboFix 09-06-26.02 - xp ascs 06/28/2009 1:45.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.758.323 [GMT -12:00]
Running from: c:\documents and settings\xp ascs\سطح المكتب\مجلد جديد\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-28 )))))))))))))))))))))))))))))))
.
2009-06-27 18:51 . 2009-06-27 18:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-27 14:20 . 2009-06-27 14:20 -------- d-----w- c:\windows\Sun
2009-06-27 14:13 . 2009-06-27 14:12 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-27 14:12 . 2009-06-27 14:12 -------- d-----w- c:\program files\Java
2009-06-27 14:11 . 2009-06-27 14:11 152576 ----a-w- c:\documents and settings\xp ascs\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-26 10:01 . 2009-06-26 10:01 -------- d-----w- c:\program files\DeepTrawl2
2009-06-25 14:44 . 2009-06-25 14:45 -------- d-----w- C:\AppServ
2009-06-25 14:25 . 2009-06-25 14:40 -------- d-----w- c:\documents and settings\xp ascs\Application Data\phpDesigner
2009-06-25 14:25 . 2009-06-28 08:36 -------- d-----w- c:\program files\phpDesigner
2009-06-25 14:12 . 2009-06-25 14:12 -------- d-----w- C:\احتياط
2009-06-25 02:44 . 2000-12-06 21:59 316344 ----a-w- c:\windows\system32\TDBGPP.DLL
2009-06-20 22:29 . 2009-06-22 18:01 -------- d-----w- c:\program files\SWiSH v2.0
2009-06-20 20:07 . 2009-06-20 20:07 -------- d-----w- c:\program files\Active Ports
2009-06-19 16:51 . 2009-06-19 16:51 44544 ------w- c:\windows\AWuninstall.exe
2009-06-18 21:07 . 2009-06-18 21:09 -------- d-----w- c:\program files\Common Files\Macromedia
2009-06-18 21:07 . 2009-06-18 21:07 -------- d-----w- c:\program files\Macromedia
2009-06-17 00:24 . 2009-06-17 01:16 -------- d-----w- c:\documents and settings\xp ascs\Application Data\dvdcss
2009-06-17 00:14 . 2009-06-17 00:14 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-16 23:31 . 2009-06-16 23:31 -------- d-----w- c:\documents and settings\xp ascs\Local Settings\Application Data\Conduit
2009-06-16 23:31 . 2009-06-16 23:31 -------- d-----w- c:\documents and settings\xp ascs\Local Settings\Application Data\Hotspot_Shield
2009-06-16 23:27 . 2009-06-16 23:27 -------- d-----w- c:\program files\Conduit
2009-06-16 23:27 . 2009-06-16 23:27 -------- d-----w- c:\program files\Hotspot_Shield
2009-06-16 22:37 . 2009-06-16 22:37 -------- d-----w- C:\Hotspot Shield
2009-06-16 22:34 . 2009-06-16 23:31 -------- d-----w- c:\program files\Hotspot Shield
2009-06-14 17:10 . 2009-06-14 17:10 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-06-13 00:55 . 2009-06-13 00:55 -------- d-----w- c:\program files\Free CSS Toolbox
2009-06-11 07:36 . 2009-04-30 21:13 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-11 07:36 . 2009-04-30 21:13 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-11 07:36 . 2009-04-30 21:13 1985024 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-06-11 07:36 . 2009-04-30 21:13 11064832 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-06-10 09:34 . 2009-06-10 09:34 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
2009-06-10 01:53 . 2009-06-10 01:59 -------- d-----w- c:\program files\USB Disk Security
2009-06-10 01:44 . 2009-06-10 01:44 -------- d-----w- c:\program files\Microsoft Works
2009-06-10 01:44 . 2009-06-10 01:44 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-06-10 01:40 . 2009-06-10 01:40 -------- d-----w- c:\documents and settings\xp ascs\Local Settings\Application Data\Microsoft Help
2009-06-10 01:40 . 2009-06-10 01:43 -------- d-----w- c:\program files\Microsoft Expression
2009-06-10 01:40 . 2009-06-10 09:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-10 01:37 . 2009-06-10 01:37 -------- d--h--r- C:\MSOCache
2009-06-10 01:15 . 2009-06-10 01:26 10010768 ----a-w- c:\documents and settings\xp ascs\Application Data\IDM\DwnlData\xp ascs\klcodec485m_168\klcodec485m.exe
2009-06-06 10:07 . 2005-08-17 01:49 17516 ----a-w- c:\windows\system32\drivers\frmupgr.sys
2009-06-06 10:07 . 2005-08-17 01:45 44163 ----a-w- c:\windows\system32\drivers\btwhid.sys
2009-06-05 19:12 . 2009-06-05 19:12 -------- d--h--w- c:\windows\PIF
2009-06-04 16:05 . 2003-11-11 11:07 249856 ----a-w- c:\windows\system32\fppmon2.dll
2009-06-04 16:05 . 2003-11-03 04:16 114688 ----a-w- c:\windows\system32\fppr232.dll
2009-06-04 15:53 . 2009-06-04 15:53 -------- d-----w- c:\windows\system32\????????????
2009-06-04 15:45 . 2002-10-25 02:17 65536 ----a-w- c:\windows\system32\Crypserv.exe
2009-06-04 15:45 . 1999-06-18 21:49 165888 ----a-w- c:\windows\Ckconfig.exe
2009-06-04 15:45 . 1996-05-03 17:21 27648 ----a-r- c:\windows\Setup_ck.exe
2009-06-04 15:45 . 1996-05-03 15:36 18432 ----a-w- c:\windows\Setup_ck.dll
2009-06-04 15:45 . 1995-07-04 18:33 11776 ----a-w- c:\windows\Ckrfresh.exe
2009-06-04 15:44 . 2009-06-25 15:16 -------- d-----w- c:\program files\Kelk 2000
2009-06-01 18:13 . 2009-06-01 18:13 33840 ----a-w- c:\windows\system32\drivers\HssDrv.sys
2009-05-31 08:43 . 2009-05-31 08:43 -------- d-----w- c:\program files\MSXML 4.0
2009-05-30 12:25 . 2009-05-30 12:25 -------- d-----w- c:\documents and settings\xp ascs\Application Data\Intel
2009-05-30 12:24 . 2009-05-30 12:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Intel
2009-05-30 12:22 . 2004-10-15 22:20 1654784 ----a-w- c:\windows\system32\W29MLRES.DLL
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-28 13:58 . 2009-05-22 13:14 -------- d-----w- c:\documents and settings\xp ascs\Application Data\DMCache
2009-06-28 13:56 . 2009-05-22 08:19 696352 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-28 13:53 . 2009-05-22 08:19 6350880 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-28 13:53 . 2009-05-22 08:19 5556 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-28 13:53 . 2009-05-22 08:19 53840 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-28 13:20 . 2009-05-22 08:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-28 13:00 . 2003-01-27 17:31 40316 ----a-w- c:\windows\system32\perfc001.dat
2009-06-28 13:00 . 2003-01-27 17:31 251946 ----a-w- c:\windows\system32\perfh001.dat
2009-06-28 07:30 . 2009-05-29 10:05 -------- d-----w- c:\program files\FlashFXP
2009-06-26 14:59 . 2009-05-24 09:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-19 02:16 . 2009-05-22 07:13 372928 ----a-w- c:\documents and settings\xp ascs\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-17 00:14 . 2009-05-22 13:19 -------- d-----w- c:\program files\Common Files\Real
2009-06-17 00:13 . 2003-03-19 10:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-10 06:32 . 2009-05-27 08:51 -------- d-----w- c:\program files\FISCstream v1.9b
2009-05-30 12:22 . 2009-05-22 07:19 -------- d-----w- c:\program files\Intel
2009-05-29 10:06 . 2009-05-29 10:06 -------- d-----w- c:\documents and settings\xp ascs\Application Data\FlashFXP
2009-05-28 17:07 . 2009-05-22 10:04 -------- d-----w- c:\documents and settings\xp ascs\Application Data\Notepad++
2009-05-27 09:12 . 2009-05-27 09:12 -------- d-----w- c:\documents and settings\xp ascs\Application Data\AdobeUM
2009-05-27 08:50 . 2009-05-27 00:25 249856 ------w- c:\windows\Setup1.exe
2009-05-27 08:50 . 2009-05-27 00:24 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-05-27 04:22 . 2009-05-27 01:11 -------- d-----w- c:\program files\Total Video Converter
2009-05-27 00:27 . 2009-05-27 00:25 -------- d-----w- c:\program files\mFaraj DB viewer4.0.0
2009-05-27 00:26 . 2009-05-27 00:26 -------- d-----w- c:\program files\Common Files\BitCtrl
2009-05-25 13:48 . 2009-05-25 13:48 468115 ----a-w- c:\documents and settings\xp ascs\Application Data\IDM\DwnlData\xp ascs\rp505enu_28\rp505enu.exe
2009-05-25 09:58 . 2009-05-25 09:58 -------- d-----w- c:\program files\Bonjour
2009-05-25 09:58 . 2009-05-22 09:14 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-25 09:46 . 2009-05-25 09:46 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-05-23 10:04 . 2009-05-22 07:18 -------- d-----w- c:\program files\Common Files\InstallShield
2009-05-23 08:37 . 2009-05-23 08:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-05-23 05:39 . 2009-05-23 05:39 0 ----a-w- c:\windows\nsreg.dat
2009-05-22 16:51 . 2009-05-22 13:14 -------- d-----w- c:\documents and settings\xp ascs\Application Data\IDM
2009-05-22 15:54 . 2009-05-22 15:53 -------- d-----w- c:\documents and settings\xp ascs\Application Data\IEPro
2009-05-22 15:54 . 2009-05-22 15:53 -------- d-----w- c:\program files\IEPro
2009-05-22 15:33 . 2009-05-22 15:33 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-05-22 15:27 . 2009-05-22 15:27 -------- d-----w- c:\program files\Adobe Media Player
2009-05-22 15:23 . 2009-05-22 15:23 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-05-22 14:10 . 2009-05-22 14:10 -------- d-----w- c:\program files\Ask Search Assistant
2009-05-22 14:10 . 2009-05-22 12:48 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-22 14:10 . 2009-05-22 14:10 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2009-05-22 14:10 . 2009-05-22 14:10 -------- d-----w- c:\program files\TechSmith
2009-05-22 14:08 . 2009-05-22 14:08 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-05-22 13:53 . 2009-05-22 13:52 -------- d-----w- c:\program files\SWiSHmax
2009-05-22 13:40 . 2009-05-22 13:14 -------- d-----w- c:\program files\Internet Download Manager
2009-05-22 13:30 . 2009-05-22 13:19 -------- d-----w- c:\program files\Google
2009-05-22 13:25 . 2009-05-22 13:24 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-22 13:19 . 2009-05-22 13:19 -------- d-----w- c:\program files\Real
2009-05-22 13:15 . 2009-05-22 13:15 198064 ----a-w- c:\documents and settings\xp ascs\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-05-22 12:53 . 2009-05-22 12:53 2232 ----a-w- c:\windows\java\Packages\Data\N3TZ31JR.DAT
2009-05-22 12:53 . 2009-05-22 12:53 155995 ----a-w- c:\windows\java\Packages\BBFJVPJ7.ZIP
2009-05-22 12:52 . 2009-05-22 12:52 2678 ----a-w- c:\windows\java\Packages\Data\Z75RVHR5.DAT
2009-05-22 12:52 . 2009-05-22 12:52 2678 ----a-w- c:\windows\java\Packages\Data\2VBP7ZBN.DAT
2009-05-22 12:52 . 2009-05-22 12:52 2678 ----a-w- c:\windows\java\Packages\Data\JXVN7N9R.DAT
2009-05-22 12:52 . 2009-05-22 12:52 2678 ----a-w- c:\windows\java\Packages\Data\BRLBZ9RL.DAT
2009-05-22 12:52 . 2009-05-22 12:52 2678 ----a-w- c:\windows\java\Packages\Data\9V79VT3H.DAT
2009-05-22 12:39 . 2009-05-22 12:30 -------- d-----w- c:\program files\Windows Live
2009-05-22 12:38 . 2009-05-22 12:30 -------- dcsh--w- c:\program files\Common Files\WindowsLiveInstaller
2009-05-22 12:29 . 2009-05-22 12:29 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
2009-05-22 11:42 . 2009-05-22 07:05 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-22 10:22 . 2009-05-22 10:22 -------- d-----w- c:\program files\Save Flash
2009-05-22 10:04 . 2009-05-22 10:04 -------- d-----w- c:\program files\Notepad++
2009-05-22 09:07 . 2009-05-22 09:07 -------- d-----w- c:\documents and settings\xp ascs\Application Data\vlc
2009-05-22 08:57 . 2009-05-22 08:57 -------- d-----w- c:\program files\ACDSee32
2009-05-22 08:48 . 2008-01-30 06:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-05-22 08:48 . 2009-05-22 08:19 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-22 08:48 . 2009-05-22 08:19 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-22 08:48 . 2009-05-22 08:48 44808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\fssync.dll
2009-05-22 08:48 . 2009-05-22 08:48 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\avp.exe
2009-05-22 08:48 . 2009-05-22 08:48 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\klbg.sys
2009-05-22 08:48 . 2009-05-22 08:48 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\XP\klif.sys
2009-05-22 08:41 . 2009-05-22 08:41 -------- d-----w- c:\documents and settings\xp ascs\Application Data\Thinstall
2009-05-22 08:19 . 2009-05-22 08:19 -------- d-----w- c:\program files\Kaspersky Lab
2009-05-22 08:18 . 2009-05-22 08:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-22 07:26 . 2009-05-22 07:26 -------- d-----w- c:\program files\WIDCOMM
2009-05-22 07:25 . 2009-05-22 07:25 17801 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-05-22 07:25 . 2009-05-22 07:25 -------- d-----w- c:\program files\Atheros
2009-05-22 07:24 . 2009-05-22 07:24 -------- d-----w- c:\program files\CONEXANT
2009-05-22 07:23 . 2009-05-22 07:23 -------- d-----w- c:\program files\Synaptics
2009-05-22 07:22 . 2009-05-22 07:22 294912 ----a-w- c:\windows\HideWin.exe
2009-05-22 07:22 . 2009-05-22 07:22 -------- d-----w- c:\program files\Realtek
2009-05-22 07:16 . 2009-05-22 07:16 -------- d-----w- c:\program files\Launch Manager
2009-05-22 07:07 . 2009-05-22 07:07 -------- d-----w- c:\program files\microsoft frontpage
2009-05-22 07:02 . 2009-05-22 07:02 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-13 05:02 . 2004-08-03 21:55 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:32 . 2004-08-03 21:55 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-19 19:47 . 2004-08-03 21:46 1847040 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:52 . 2004-08-03 21:55 585216 ----a-w- c:\windows\system32\rpcrt4.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
2008-06-25 11:17 1569304 ----a-w- c:\program files\Hotspot_Shield\tbHots.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2009-06-16 23:26 218160 ----a-w- c:\program files\Hotspot Shield\hssie\HssIE.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-22 2799024]
"Google Update"="c:\documents and settings\xp ascs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-06-15 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2005-08-18 462848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-08 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-08 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-06-08 114688]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-08 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-08 688218]
"ACU"="c:\program files\Atheros\ACU.exe" [2005-01-31 253952]
"dbvstart"="c:\program files\mFaraj DB viewer4.0.0\dbvstart.bat" [2009-01-13 24576]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-15 385024]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2004-10-15 356352]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2003-11-11 385024]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-17 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-27 148888]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-22 206088]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-08 61952]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2005-08-09 14743552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-8-16 577597]
Snagit 9.lnk - c:\program files\TechSmith\Snagit 9\Snagit32.exe [2008-11-6 7217480]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-10-15 23:27 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Bluetooth.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\مجلد الدريم بوكس\\dcc295\\DCC.exe"=
"f:\\مجلد خاص لي\\دريم بوكس\\WinGrabZ\\WinGrabZ.exe"=
"f:\\مجلد خاص لي\\دريم بوكس\\DCC.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\AppServ\\Apache2.2\\bin\\httpd.exe"=
"c:\\Program Files\\phpDesigner\\phpDesigner.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 06:29 م 33808]
R2 Apache2.2;Apache2.2;c:\appserv\Apache2.2\bin\httpd.exe [17/01/2008 05:37 ص 24635]
R2 HssSrv;Hotspot Shield Routing Service;c:\program files\Hotspot Shield\HssWPR\hsssrv.exe [01/06/2009 06:13 ص 331312]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 07:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 06:06 م 24592]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.exe [01/06/2009 06:58 ص 34352]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-776561741-839522115-1003.job
- c:\documents and settings\xp ascs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-15 03:02]
2009-06-28 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2009-01-01 05:04]
2009-06-28 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2009-01-01 05:04]
2009-06-28 c:\windows\Tasks\User_Feed_Synchronization-{FB8DD5AA-2C6B-40C2-A613-7F9A50E56358}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 16:31]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-AdobeBridge - (no file)

.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = 222.88.242.189:3128
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
DPF: Microsoft XML Parser for Java -
FF - ProfilePath - c:\documents and settings\xp ascs\Application Data\Mozilla\Firefox\Profiles\y1bkh5nu.default\
FF - component: c:\documents and settings\xp ascs\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\xp ascs\Local Settings\Application Data\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-06-28 01:56
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mysql]
"ImagePath"="c:\appserv\MySQL\bin\mysqld-nt --defaults-file=c:\appserv\MySQL\my.ini mysql"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe
c:\windows\system32\acs.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Crypserv.exe
c:\program files\Hotspot Shield\bin\openvpnas.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\appserv\MySQL\bin\mysqld-nt.exe
c:\program files\Intel\Wireless\Bin\OProtSvc.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\TechSmith\Snagit 9\TscHelp.exe
c:\program files\TechSmith\Snagit 9\SnagPriv.exe
c:\program files\TechSmith\Snagit 9\SnagitEditor.exe
.
**************************************************************************
.
Completion time: 2009-06-28 2:04 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-28 14:04
Pre-Run: 40,920,428,544 bytes free
Post-Run: 40,963,948,544 bytes free
290 --- E O F --- 2009-06-11 10:01​
 
Is this report correct??
 
Since yesterday, may God bless you :)
 
Bumping the thread

May God bless you, brothers.
If there is a solution to my problem,
I hope you can solve it.
 
Bumping because this is important, brothers. A week has passed on this thread :(
 
Bump after more than 24 hours
 
Bump after more than a day
I hope I find a solution, may God bless you
 
Where are you, brothers? I attached reports and the situation is still the same.

This thread might be the longest-running one at this point :(
 
This is a HijackThis report I just made

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:53 م, on 13/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\mFaraj DB viewer4.0.0\dbvstart.bat
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Documents and Settings\xp ascs\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\AppServ\MySQL\bin\mysqld-nt.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\xp ascs\سطح المكتب\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [dbvstart] C:\Program Files\mFaraj DB viewer4.0.0\dbvstart.bat
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\xp ascs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
--
End of file - 12383 bytes​
 
Unfortunately, I did not find anyone to help me :(
 